Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1thwQo-008t5L-Pf
	for pgsql-hackers@arkaria.postgresql.org; Tue, 11 Feb 2025 20:00:30 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1thwQn-00F4SW-Aq
	for pgsql-hackers@arkaria.postgresql.org; Tue, 11 Feb 2025 20:00:29 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1thwQn-00F4SN-0V
	for pgsql-hackers@lists.postgresql.org; Tue, 11 Feb 2025 20:00:29 +0000
Received: from sss.pgh.pa.us ([68.162.161.243])
	by makus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1thwQl-000HS1-1Z
	for pgsql-hackers@postgresql.org;
	Tue, 11 Feb 2025 20:00:28 +0000
Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1])
	by sss.pgh.pa.us (8.15.2/8.15.2) with ESMTP id 51BK0MR03208431;
	Tue, 11 Feb 2025 15:00:23 -0500
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Jelte Fennema-Nio <postgres@jeltef.nl>
cc: PostgreSQL-development <pgsql-hackers@postgresql.org>,
        Andres Freund <andres@anarazel.de>
Subject: Re: Bump soft open file limit (RLIMIT_NOFILE) to hard limit on startup
In-reply-to: <3203865.1739301613@sss.pgh.pa.us>
References: <CAGECzQQh6VSy3KG4pN1d=h9J=D1rStFCMR+t7yh_Kwj-g87aLQ@mail.gmail.com> <3203865.1739301613@sss.pgh.pa.us>
Comments: In-reply-to Tom Lane <tgl@sss.pgh.pa.us>
	message dated "Tue, 11 Feb 2025 14:20:13 -0500"
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <3208429.1739304022.1@sss.pgh.pa.us>
Date: Tue, 11 Feb 2025 15:00:22 -0500
Message-ID: <3208430.1739304022@sss.pgh.pa.us>
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: <https://www.postgresql.org/message-id/3208430.1739304022%40sss.pgh.pa.us>
Precedence: bulk

I wrote:
> Maybe a sanity limit on how high we'll try to raise the ulimit
> would help.

Oh, I'd forgotten that we already have one: max_files_per_process.
Since that's only 1000 by default, this patch doesn't actually have
any effect (on Linux anyway) unless the DBA raises
max_files_per_process.  That alleviates my concern quite a bit.

... but not completely.  You didn't read all of Pid Eins' advice:

    If said program you hack on forks off foreign programs, make sure
    to reset the RLIMIT_NOFILE soft limit back to 1024 for them. Just
    because your program might be fine with fds >= 1024 it doesn't
    mean that those foreign programs might. And unfortunately
    RLIMIT_NOFILE is inherited down the process tree unless explicitly
    set.

I think we'd need to pay some attention to that in e.g. COPY FROM
PROGRAM.  I also wonder whether plperl, plpython, etc can be
guaranteed not to run any code that depends on select(2).

			regards, tom lane